Arbitrary code can be executed on the remote host through the web client.
Description :
The remote host contains a version of the HTML Helpfacility ActiveX control
module which is vulnerable to a security flaw which may allow an attacker
to execute arbitrary code on the remote host by constructing a malicious
web page and entice a victim to visit this web page.
Solution :
Microsoft has released a set of patches for Windows NT, 2000 and XP :
